LibreSSL: Fix compilation against LibreSSL >= 4.2.0

The type for the callback function in SSL_set_session_secret_cb() was
changed following the newer OpenSSL and BoringSSL scheme. Fix this by
adding the new LibreSSL version to the existing versions checks.

Signed-off-by: Johannes Nixdorf <johannes@nixdorf.dev>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index f172241b4f4251479e8a28c99bdee2d2f60c1189..2f51b37efaa66ce0dda9b27b60c95cc6c07c846a 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -5986,7 +5986,9 @@ int tls_global_set_params(void *tls_ctx,
  * commented out unless explicitly needed for EAP-FAST in order to be able to
  * build this file with unmodified openssl. */
 
-#if (defined(OPENSSL_IS_BORINGSSL) || OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
+#if (defined(OPENSSL_IS_BORINGSSL) || \
+     (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
+     LIBRESSL_VERSION_NUMBER >= 0x4020000fL)
 static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
                           STACK_OF(SSL_CIPHER) *peer_ciphers,
                           const SSL_CIPHER **cipher, void *arg)